What are the responsibilities and job description for the Azure Engineer position at METRIX IT SOLUTIONS INC?
Azure Engineer (AKS and NGINX exp) at Dallas, TX
Contract
Job Description
Must Have Technical/Functional Skills
• Define the target reference architecture for greenfield AKS clusters along with engineering team and ensure how bluefield cluster remain undisruptive: control plane choices, private clusters, node pool strategy, upgrade/runway, and regional topology.
• Lead design for NGINX → Azure Managed Gateway API: HTTPRoute/Gateway modeling, TLS/WAF strategy, policy attachments, and weighted/canary traffic for cutover.
• Architect kubenet → Azure CNI (Cilium) migration with new clusters with Engineering team: IP planning, subnet sizing, pod density, surge capacity, cordon/drain and service-by-service move plan.
• Choose/validate dataplane features: Cilium network policy, kube‑proxy replacement (if enabled), Hubble visibility, and implications on performance/SNAT.
• Standardize identity/secrets: Azure - Key Vault CSI; cert lifecycle (Key Vault and/or Gateway API).
• Establish platform guardrails: Azure Policy, RBAC least‑privilege, multi‑tenancy boundaries (namespace/project isolation).
• Define/Follow the GitHub standards: reusable workflows, CODEOWNERS, branch protections, environment approvals, and artifact provenance/signing.
• Own non‑functional requirements: SLOs, HA/DR, capacity modeling, performance budgets, and failover patterns for ingress and data plane.
• Govern delivery: roadmap, cutover criteria, readiness gates; mentor Platform/DevOps on architectural compliance.
• Own the target platform architecture and cutover from NGINX → Azure Managed Gateway API and kubenet → Azure CNI (Cilium) using new clusters/existing cluster. Closely work with Engineering and operation team.
Roles & Responsibilities
• Required experience- AKS/Platform, strong Gateway API (prod ops), NGINX → Azure Managed Gateway API migrations, and deep Azure CNI/Cilium networking (IP planning, subnetting, pod density)
• Define the target reference architecture for greenfield AKS clusters along with engineering team and ensure how bluefield cluster remain undisruptive: control plane choices, private clusters, node pool strategy, upgrade/runway, and regional topology.
• Lead design for NGINX → Azure Managed Gateway API: HTTPRoute/Gateway modeling, TLS/WAF strategy, policy attachments, and weighted/canary traffic for cutover.
• Architect kubenet → Azure CNI (Cilium) migration with new clusters with Engineering team: IP planning, subnet sizing, pod density, surge capacity, cordon/drain and service-by-service move plan.
• Choose/validate dataplane features: Cilium network policy, kube‑proxy replacement (if enabled), Hubble visibility, and implications on performance/SNAT.
• Standardize identity/secrets: Azure - Key Vault CSI; cert lifecycle (Key Vault and/or Gateway API).
• Establish platform guardrails: Azure Policy, RBAC least‑privilege, multi‑tenancy boundaries (namespace/project isolation).
• Define/Follow the GitHub standards: reusable workflows, CODEOWNERS, branch protections, environment approvals, and artifact provenance/signing.
• Own non‑functional requirements: SLOs, HA/DR, capacity modeling, performance budgets, and failover patterns for ingress and data plane.
• Govern delivery: roadmap, cutover criteria, readiness gates; mentor Platform/DevOps on architectural compliance..